Existent protocol/implementation. Infrastructure: PKI

Present invention protocol/implementation. NO PKI

«Web Client» message M
    entry/ M [State: plain]
    do/ Me = encrypt(M)
    exit/ Me [State: encrypted]

send(Me)

«Web Server» Secure Server
    entry/ Me [State: encrypted]
    do/ M = decrypt(Me)
    event M [State: PLAIN]/ deploy(M)
    do/ Me1 = encrypt(M)
    exit/ Me1 [State: encrypted]

send(Me1)

«Operator» Terminal
    entry/ Me1 [State: encrypted]
    do/ M = decrypt(Me1)
    event M [State: PLAIN]/ perform(M)

«Web Client» message m
    entry/ m [State: plain]
    do/ me = encrypt(m)
    exit/ me [State: encrypted]

send(me)

«Web Server» Server
    entry/ me [State: encrypted]
    exit/ me [State: encrypted]

send(me)

«Operator» End Point
    entry/ me [State: encrypted]
    do/ M = decrypt(me)
    event M [State: PLAIN]/ perform(M)

Private information flow comparison

Existent
Secure Server / Third Party "Solutions"
Present invention

Client private information in plain, unencrypted form
Client private information unknown or HRlftrder alias
Client private information in plain, unencrypted form
Client private information in encrypted form

The communicationKey ck has no meaning for the Web Server, which is used only as a carrier for this specific information, in contrast with the existing solutions, where the Card number is used instead of ck.

Any attempt to use the communicationKey ck more than once results in an authentication failure, and therefore the Card number remains unknown to any third party involved in the transaction between the Client and the Bank.

requestForContext()
generateEncryptedContext()
sendEncryptedContext()
sendEncryptedContextForAuthentication()
decryptContextAndAuthenticate()

«select parameterized context "contextParam"»
contextParam = f(context, parameter)
where $context \in Z$, $parameter \in P$, $P \subset Z$

«select secret key "p"»
p = g(contextParam)
where p is prime, $p > 2$

«select secret key "n"»
n = h(context, parameter)
where $n \in Z$, $n > 0$

«select modulus "m"»
$m = p^n$
where $m \in Z$, $m > 0$

«select encryption key "a"»
a = k(context, parameter)
where $a \in M_m$, $(a, \varphi(m)) = 1$, $\varphi(m) = p^n (1 - 1/p)$

«select communication key "a1"»
a1
where $a1 \in M_m$, $(a1, \varphi(m)) = 1$, $a \cdot a1 \equiv 1 \pmod{\varphi(m)}$

Input: a1 - communication key

«select list L of possible candidates»

«select element z from list L»

«select parameterized context "contextParam"»
contextParam = f(z, parameter)

«select secret key "p"»
p = g(contextParam)

«select secret key "n"»
n = h(z, parameter)

«select modulus "m"»
$m = p^n$

77: «select encryption key "a"»
a = k(z, parameter)

«authentication»
$a \cdot a1 \equiv 1 \pmod{\varphi(m)}$
    no
    yes: «element found» z0

Input: communication key a1 derived from context

Select list L of possible candidates for context

Select element z from list L

Select parameterized context 'contextParam'
contextParam = f(z, parameter)

Select secret key 'p'
p = g(contextParam)

Select secret key 'n'
n = h(z, parameter)

Select modulus 'm'
$m = p^n$

88: Solve equation
$a1 \cdot x \equiv 1 \pmod{\varphi(m)}$

Input: context

101: compute modulus m derived from context

102: retrieve previousIncrement for context

103: increment = next(previousIncrement)

a = k(context, increment)

105: send communication key a1, where $a \cdot a1 \equiv 1 \pmod{\varphi(m)}$

select z from list L

compute modulus $m_z$ derived from z

retrieve previousIncrement_z for z

solve $x \cdot a1 \equiv 1 \pmod{\varphi(m_z)}$

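
Added example (not from the original page): a Python rendering of the key-selection steps and of the server-side search over the candidate list with the per-context increment, as laid out above. The page does not specify f, g, h or k; the SHA-256-based versions, the fixed PARAMETER, next() as +1, the 31-bit prime size, the extra phi argument to k and the names phi_of, communication_key and Server are assumptions made for illustration.

```python
import hashlib
from math import gcd, isqrt

PARAMETER = 7  # constructed value; the page leaves the parameter open

def _hash_int(tag, *parts):  # hypothetical helper: labelled inputs -> integer
    data = "|".join([tag, *map(str, parts)]).encode()
    return int.from_bytes(hashlib.sha256(data).digest(), "big")

def _is_prime(x):
    return x > 1 and all(x % i for i in range(2, isqrt(x) + 1))

def f(context, parameter):          # contextParam = f(context, parameter)
    return _hash_int("f", context, parameter)

def g(context_param):               # p = g(contextParam), p prime, p > 2
    p = (context_param % (1 << 31)) | 1
    while not _is_prime(p):
        p += 2
    return p

def h(context, parameter):          # n = h(context, parameter), n > 0
    return 1 + _hash_int("h", context, parameter) % 3

def phi_of(context):                # phi(m) = p^n (1 - 1/p) for m = p^n
    p, n = g(f(context, PARAMETER)), h(context, PARAMETER)
    return p ** n - p ** (n - 1)

def k(context, increment, phi):     # encryption key a with (a, phi(m)) = 1
    a = _hash_int("k", context, increment) % phi
    while gcd(a, phi) != 1:
        a += 1
    return a

def communication_key(context, increment):
    """Client side: a1 such that a * a1 = 1 mod phi(m)."""
    phi = phi_of(context)
    return pow(k(context, increment, phi), -1, phi)

class Server:
    def __init__(self, candidates):
        self.previous = {z: 0 for z in candidates}  # previousIncrement per z

    def authenticate(self, a1):
        for z, prev in self.previous.items():
            phi = phi_of(z)
            # x * a1 = 1 mod phi(m_z) is solvable only if (a1, phi(m_z)) = 1
            if gcd(a1, phi) == 1 and pow(a1, -1, phi) == k(z, prev + 1, phi):
                self.previous[z] = prev + 1         # this a1 is now spent
                return z
        return None
```

Submitting the same a1 a second time returns None because the stored increment for that context has advanced, which is the single-use behaviour the page describes for ck.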
1: ck = generateCommunicationKey(cellularID)
2: requestToPlaceCall(ck)
3: authenticateClient(ck)
4: responseToRequestToPlaceCall

cellularID represents the cell phone id code, such as ESN and/or MIN, where ESN = Electronic Serial Number and MIN = Mobile Identification Number. ck represents the encrypted equivalent of the cellularID and a parameter such as a counter and/or date/time stamp.

The carrier (cellular phone company) processes the request if the communication key was derived from any of various key data from a previously provided data pool related to the client, such as the cell phone id code, in combination with a parameter such as a counter and date/time stamp.